It was discovered that CamlImages, an open source image processing library, suffers from several integer overflows, which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. This advisory addresses issues with the reading of TIFF files. It also expands the patch for CVE-2009-2660 to cover another potential overflow in the processing of JPEG images.
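The bug class described above, as an added illustration (this is not CamlImages code and not the Debian patch): a buffer size computed from image header dimensions in 32-bit arithmetic wraps around, so the allocation ends up smaller than the data later written into it. The function names and the 256 MiB limit are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked pattern: 32-bit arithmetic silently wraps modulo 2^32. */
static uint32_t naive_image_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked pattern: returns 0 and stores the size, or -1 if a dimension is
 * zero or the product would exceed max_bytes (hypothetical caller limit). */
static int checked_image_size(uint32_t width, uint32_t height, uint32_t bpp,
                              size_t max_bytes, size_t *out)
{
    size_t row;

    if (width == 0 || height == 0 || bpp == 0)
        return -1;
    if (width > max_bytes / bpp)          /* width * bpp would pass the limit */
        return -1;
    row = (size_t)width * bpp;
    if (height > max_bytes / row)         /* row * height would pass the limit */
        return -1;
    *out = row * height;
    return 0;
}

int main(void)
{
    /* Constructed header values, as an untrusted image file could declare. */
    uint32_t w = 0x10000u, h = 0x10001u, bpp = 3u;
    size_t limit = (size_t)256 * 1024 * 1024, size = 0;

    printf("bytes needed:   %llu\n", (unsigned long long)w * h * bpp);
    printf("naive size:     %u\n", (unsigned)naive_image_size(w, h, bpp));
    if (checked_image_size(w, h, bpp, limit, &size) != 0)
        printf("checked size:   rejected\n");
    if (checked_image_size(640, 480, 3, limit, &size) == 0)
        printf("640x480 RGB:    %zu bytes\n", size);
    return 0;
}
```
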

For the oldstable distribution (etch), this problem has been fixed in version 2.20-8+etch3.

For the stable distribution (lenny), this problem has been fixed in version 1:2.2.0-4+lenny3.

For the testing distribution (squeeze) and the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your camlimages package.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below: